Is it possible in Yii 1.x to hang its hook specifically for checking access rights to the controller action?

For example, we have a controller:

class MyController extends Controller { public function filters() { return array( 'accessControl', // perform access control for CRUD operations 'postOnly + delete', // we only allow deletion via POST request ); } public function accessRules() { return array( array('allow', 'roles'=>array('root', 'admin', 'manager'), ), array('allow', 'actions'=>array('send', 'list'), 'users'=>array('*'), ), array('deny', // deny all users 'users'=>array('*'), ), ); }

so I need to execute my code, only for requests that require certain access rights (all actions except: send and list), while not responding to cases when such rights are not required (actions: send and list). At the same time note: I need to execute the code, before checking access rights to the action!

Is it possible and how?

    1 answer 1

    Override in the controller the method responsible for this:

     public function filterAccessControl($filterChain) { // Your code is here parent::filterAccessControl($filterChain); }
    • and how in this method to check that to perform the current action of the controller requires certain user rights, i.e. authorization? - Enshtein
    • What you want to achieve is not very clear. If you specifically describe the necessary actions, then perhaps this is generally implemented differently. - Zhukov Roman
    • I have a mobile application (HTML5) that interacts with the site on Yii. The application sends Ajax requests to the Yii site, which responds with content. Some requests must be authorized. Unfortunately, the HTML5 mobile application does not support COOKIE, therefore no sessions. Authorization of the application is based on the transfer of token to them. I do not want to perform authorization by token for each request. I think to make a separation: that the authorization on the token was made only for the controller's actions requiring authorization. - Enshtein